Summary6 min read

Podcast Summary: The Indicator from Planet Money

Episode: The new AI model that could steal your life savings

Air Date: May 11, 2026
Hosts: Darian Woods & Waylon Wong
Notable Guests: Michael Moore (Anthropic), Rachel Greenstadt (NYU)

Episode Overview

This episode investigates the latest wave of concern in the financial and cybersecurity world: Anthropic's new AI model, Claude Mythos. Touted as so sophisticated and potentially dangerous that its public release has been restricted, Mythos sparked urgent meetings between regulators and banks. The hosts dissect whether such advanced AI truly threatens the safety of our life savings, explore the reality behind the hype, and ask if these risks are genuinely novel or just a new twist in an old game.

Key Discussion Points & Insights

1. The Government’s Response to Claude Mythos

[00:11] In April, high-level urgency was shown by Treasury Secretary Scott Besant and Federal Reserve Chair Jerome Powell, who summoned bank CEOs to discuss digital security in the wake of Anthropic’s Claude Mythos announcement.
[00:27] Anthropic revealed their model was "so state of the art, so clever, so dangerous" they couldn’t responsibly release it to the public yet.

2. What Makes Claude Mythos Stand Out

[02:55] Technically, Mythos is a language model like others (GPT, Claude), not specifically trained for cybersecurity but still capable of tasks ranging from poetry to code suggestions.
[03:25] Michael Moore (Anthropic):

"It showed a really advanced capability of chaining together individual vulnerabilities into an exploit that was potentially really dangerous."
The ability to "chain" small, individually minor software flaws into significant security exploits was unprecedented.

3. Anthropic’s Cautious Rollout – Project Glasswing

[04:06] Anthropic limited Mythos access to a small group for a head start in patching vulnerabilities—initially including JPMorgan Chase and later, Bank of America.
[04:40] The exclusivity raised concerns, given these are just 2 of America’s 4,000 banks.

4. Should We Worry About Our Life Savings?

[04:45] Michael Moore:

"[Hopefully] it's a little bit kind of like what Y2K turned out to be, which was really not much. But that was because a lot of work went into making sure it didn't happen."
The Y2K analogy suggests vigilance and broad industry collaboration are key to minimizing impact.

5. Can Every Bank Realistically Be Secured Before Release?

[05:29] The hosts question the logistics of warning and preparing thousands of organizations worldwide before Mythos (or similar models) are publicly available.
[05:51] Michael Moore:

"If you break just one link in that chain, the exploit doesn’t work anymore."

6. Anthropic’s New Security Product

[06:13] Anthropic introduced "Claude Security,” a tool to find and fix vulnerabilities, though not yet based on the cutting-edge Mythos.
Even slightly older models are helping patch "decades-old" bugs—one dating back 27 years.

7. Is Anthropic Creating the Problem It Sells to Solve?

[06:46] Skepticism arises over Anthropic building "skeleton keys" and then selling new locks.
[07:04] Michael Moore:

"[Cloud security] is really about looking at code bases that have been around for decades...Those kind of bugs are the things that we expect AI to find in the future, and that's why patching them using AI is so important now."
Moore argues these legacy bugs exist regardless; AI just makes patching possible at scale.

8. The Explosion in "Vibe Coding" and New Risks

[07:54] Some in cybersecurity remain uneasy, like NYU's Rachel Greenstadt.
[08:10] Rachel Greenstadt:

"People are able to write much more complex things much quicker that they don't understand that the AI doesn't understand. And this is an opportunity for whole new classes of bugs."
The rise in novices producing sophisticated code with AI opens new vulnerabilities.

9. The Ongoing Cat-and-Mouse Cybersecurity Game

[08:19] The hosts recall the perpetual race between hackers and defenders, with nation-state actors (China, Russia, Iran, North Korea) and ransomware groups posing constant threats.
[08:44] Rachel Greenstadt:

"It's excellent marketing, right?...this new model and it's so dangerous that only some people can have it...But we've seen this sort of thing before."
While the marketing is sensational, the process isn’t without precedent—these are real bugs, though the core dynamics are familiar.

10. Comparable Models and the Race to Patch

[09:03] Other AI tools—some open source—can already uncover bugs like Mythos, challenging the idea that Anthropic is uniquely advanced.
[09:23] Michael Moore:

"...the most important [thing] is that the vulnerabilities are patched and meaningfully increase the security of the cyber world."
Anthropic claims their priority is fixing vulnerabilities, regardless of whose model.

11. Endnote: A Measured Take on the Hype

[10:10] Rachel Greenstadt:

"It's neither the case that the angels have appeared, nor the case that the sky is falling, as far as we know."
A sober reminder that these challenges, while serious, are part of the evolving story—not apocalyptic.

Notable Quotes & Memorable Moments

[03:25] Michael Moore (Anthropic):
"It showed a really advanced capability of chaining together individual vulnerabilities into an exploit that was potentially really dangerous."
[04:45] Michael Moore:
"I'm really excited to see the conversations that are happening and the work that's being done to patch as many vulnerabilities as possible so that it doesn't come to a moment of strong concern for most people."
[07:54] Rachel Greenstadt (NYU):
"[Vibe coding is] an opportunity for whole new classes of bugs."
[08:44] Rachel Greenstadt:
"It's excellent marketing, right?...But we've seen this sort of thing before."
[10:10] Rachel Greenstadt:
"It's neither the case that the angels have appeared, nor the case that the sky is falling, as far as we know."
[05:12 & 10:21] Hosts exchanging Y2K and Prince references:

"I was more concerned with partying like it was 1999." – Waylon Wong
"Party like it's 2026." – Darian Woods

Important Timestamps

00:11 – Context: Key government officials call emergency meetings over AI threat
02:55 – What is Claude Mythos and what makes it dangerous
04:06 – Anthropic’s restricted rollout: Project Glasswing
04:40 – Concerns over patching all banks
06:13 – Introduction of Claude Security (not Mythos-powered)
07:54 – Skepticism from industry experts and rise of “vibe coding”
08:44 – Hype versus reality of “dangerous” AI models
09:03/09:23 – Open-source competition and importance of universal patching
10:10 – Final expert opinion: measured, not alarmist

Tone and Style

Direct, brisk, and conversational.
Mixes serious discussion with wry humor (e.g., Y2K and “party like it’s 1999” references).
Relies on expert input but frequently grounds the discussion for general listeners.

Conclusion

This episode explores whether AI models like Claude Mythos represent unprecedented economic and cybersecurity threats or fit into familiar patterns of technological risk and hype. Experts urge vigilance and highlight the need for wide industry collaboration but reject doomsaying. The message: this may be the next round in an endless game, and while models are growing more powerful, the industry’s response—drawing from past crises like Y2K—will determine if these AI advances are disruptive or simply another diligent day in cybersecurity.

Loading summary

Transcript41 lines

[00:01]
Rachel Greenstadt
Npr.
[00:12]
Waylon Wong
In April, Treasury Secretary Scott Besant and Federal Reserve Chair Jerome Powell called a special meeting with bank CEOs. They wanted to make sure banks were keeping their digital vaults secure in an age of rapidly advancing AI.
[00:27]
Darian Woods
They were responding to the AI company Anthropic's announcement. The AI company said it had a new model that was so state of the art, so clever, so dangerous, that it couldn't yet release it to the wider public. Anthropic called the model Claude Meathos. Michael Moore heads up the company's cybersecurity products. He says the new model could identify thousands of software vulnerabilities.
[00:52]
Michael Moore
What that means is someone who was writing the software at some point didn't quite do something right and that left a door, kind of a jar, and an attacker can get in through that door.
[01:03]
Darian Woods
This is the Indicator from Planet Money. I'm Darian woods.
[01:06]
Waylon Wong
And I'm Waylon Wong. Today on the show, is our money still safe in our bank accounts? We learn about the double edged sword of increasingly capable AI and we ask whether Claude Mythos unique capabilities are just a myth or a meef.
[01:27]
Schwab Announcer
This message comes from Schwab Self Directed Investing, Trading, Full Service Wealth Management, Automated Investing, Financial Planning, Thematic Investing, Retirement Planning and to think that's just a small taste of what Schwab offers. Because Schwab knows that when it comes to your finances, choice matters. No matter your goals, investing style, life, stage or experience, Schwab has everything you need all in one place so you can invest your way. Visit schwab.com to learn more.
[01:58]
LinkedIn/Square Announcer
This message comes from LinkedIn. Owning a small business comes with a lot of challenges and means juggling multiple things at once. It's even harder to do it efficiently, but with LinkedIn you get all the tools you need to grow in one place. With LinkedIn, simplify your sales, marketing and hiring so that you can actually run your small business with. Learn more@LinkedIn.com indicatorshow support for this podcast and the following message come from Square the easy way for business owners to take payments, book appointments, manage staff and keep everything running in one place. With Square you get all the tools to run your business with none of the contracts or complexity. And why wait? Right now you can get up to $200 off square hardware at square.com go indicator that's sq U-A-R-E.com goindicator run your business smarter with Square. Get started today.
[02:55]
Darian Woods
The new AI model, Claudmethos is in some ways a typical language model. It wasn't fundamentally different from A chatbot chained to answer general questions or write lines of code. Like Anthropic's other Claude Models, or ChatGPT, it hasn't been trained specifically for cybersecurity,
[03:14]
Waylon Wong
so it could write poetry limericks, or give you a new recipe for the best chocolate chip cookies. But when Anthropic was testing Claude Mythos, people in the company, like Michael Moore, started getting concerned.
[03:25]
Michael Moore
It showed a really advanced capability of chaining together individual vulnerabilities into an exploit that was potentially really dangerous.
[03:34]
Waylon Wong
When Michael says chaining together individual vulnerabilities, he means that Mythos could find multiple lines of code that, on their own, weren't hugely problematic, but together could leave the software exposed. It's like if a thief could break into your apartment block's front gate and your building's front door and your apartment unit's lock.
[03:54]
Michael Moore
It was the first time that if we just were to release the model out into the public, we were concerned that the scale of AI would allow offensive actors to actually go break into systems at an unprecedented rate.
[04:07]
Darian Woods
So Anthropic gave special access to Mythos to only a small group of companies. This was to allow them to fix their software before Mythos had a wider release. Anthropic called it Project Glasswing.
[04:19]
Michael Moore
We wanted to make sure that we gave a good head start to avoid a large swath of incidents that could impact all of us.
[04:28]
Waylon Wong
At first, there was only one named financial institution given early access, JPMorgan Chase. Reuters then reported that bank of America was two. That's two out of America's 4,000 banks.
[04:40]
Darian Woods
Should people be worried about their life savings potentially disappearing from their bank accounts?
[04:45]
Michael Moore
I'm really excited to see the conversations that are happening and the work that's being done to patch as many vulnerabilities as possible so that it doesn't come to a moment of strong concern for most people. Hopefully, it's a little bit kind of like what Y2K turned out to be, which was really not much. But that was because a lot of work went into making sure it didn't happen. And I'm really excited to see the industry making those kind of moves right now.
[05:09]
Darian Woods
Were you worried in 1999 about the Y2K bug, Waylon?
[05:12]
Waylon Wong
I was more concerned with partying like it was 1999.
[05:15]
Darian Woods
Yeah, those were the priorities. And, of course, with the computer programmers and technicians working all over the globe, we didn't actually have to worry about much in the end.
[05:25]
Waylon Wong
Yes, but can they really do the same thing with their AI models like Mythos?
[05:29]
Darian Woods
That sounds like a very challenging proposition because there are so many, I don't know, companies and banks and all kinds of people who use software all around the world. So how logistically can a company like Anthropic warn the world ahead of the model? Getting into the wrong hands?
[05:52]
Michael Moore
Yeah. So there's really two things that we can do. We wanted to talk publicly about the power of the model and the safety concerns of the model. But the second thing we wanted to do was make sure that there was a good, quick path for as many people to patch vulnerabilities as possible. Mythos can chain together a lot of vulnerabilities, and you think of it literally like a chain. If you break just one link in that chain, the exploit doesn't work anymore. Right.
[06:14]
Darian Woods
This drive to help patch up the world's software is partly why Anthropic released its next product. Later in April, Claude released a special tool just for finding and fixing software vulnerabilities. It's called Claude Security. At this moment, it's not based on that cutting edge Claude Methos model. But Michael points out that even using slightly less state of the art AI models can still find a lot of bugs which can then be fixed.
[06:41]
Waylon Wong
This makes sense, but a skeptic might say this is convenient timing.
[06:46]
Darian Woods
What do you say to critics who might argue that Anthropic is creating the problem it's charging people money to solve? You know, it's almost like a company that creates this new skeleton key that can break in anywhere, is now selling new locks.
[07:05]
Michael Moore
It's a good question. I think there's a couple of things there. Cloud security is really about looking at code bases that have been around for decades. One of the things that we found and we discussed in our Mythos blog was actually a bug that has been around for 27 years in a key piece of Internet infrastructure. Those kind of bugs are the things that we expect AI to find in the future, and that's why patching them using AI is so important now. As we move and continue to evolve as an industry and more code is written by AI, we definitely expect the security of the industry to get better. Better. It's something that we work on very strongly to continue to make sure our models are writing secure code. I'm sure our other peer labs do as well. And by using best practices like cloud security, for instance, we can assure that we're finding all of the bugs that we can before things get into production and before things impact end users.
[07:54]
Waylon Wong
But other cybersecurity experts aren't as confident. Rachel Greenstadt is a computer science professor at New York University. She points out that less experienced developers are vibe coding software, as in just typing instructions to get the chatbot to build the programs for them.
[08:10]
Rachel Greenstadt
People are able to write much more complex things much quicker that they don't understand that the AI doesn't understand. And this is an opportunity for whole new classes of bugs.
[08:20]
Darian Woods
Now, there has always been a cat and mouse game between more sophisticated hacking and tools that help with cybersecurity. This year, the US Intelligence community noted that actors from China, Russia, Iran, North Korea, and ransomware groups continue to pose critical threats to US networks and infrastructure. So maybe this is just another chapter in that game. Or maybe Claude Mitos is different.
[08:44]
Rachel Greenstadt
I mean, it's excellent marketing, right? You know, this idea that there's this new model and it's so dangerous that only some people can have it and so on. That said, the vulnerabilities it's finding are real. But we've seen this sort of thing before.
[09:03]
Waylon Wong
There are AI models available out there that are already roughly as capable as Claude Meathos. In fact, an open model found that that bug that Michael had Talked about, that 27 year old bug lurking in an old operating system, OpenAI has since released a model publicly that actually seems to match Mythos and what it can do. We asked Michael at Anthropic about that.
[09:24]
Darian Woods
How is Anthropic thinking about other companies putting out similarly powerful tools?
[09:32]
Michael Moore
Yeah, well, we, we can't obviously speak to models or things that we haven't tested from other, other labs. What I can say is, again, I am optimistic that the moves that we are making at Anthropic right now are fostering these conversations. And so many people are out there patching vulnerabilities. And we hope that users using whatever models they have access to go and do the same. And we hope that that's us. But if it's not, it's most important that the vulnerabilities are patched and meaningfully increase the security of the cyber world.
[10:03]
Darian Woods
To Rachel, we are in a new, faster era, but not one that brings challenges that are fundamentally different from what we've tackled before.
[10:11]
Rachel Greenstadt
It's neither the case that the angels have appeared, nor the case that the sky is falling, as far as we know.
[10:16]
Darian Woods
Okay, that's relieving to hear. How you feeling, Waylon?
[10:22]
Waylon Wong
Uh, I'm feeling like we should Party like it's 1999.
[10:27]
Darian Woods
Party like it's 2026. This episode was produced by Koopa Cats McKim with engineering by Jimmy Kearley. It was fact checked by Sarah Juarez Kick and Karen edits the show and the Indicator is a production of npr.
[10:49]
Schwab Announcer
This message comes from Schwab. At Schwab you can get everything from self directed investing to full service wealth management all in one place. No matter your investing goal, life stage, amount to invest or know how you can invest your way with Schwab. This message comes from Mint Mobile. If you're tired of spending hundreds on big wireless bills, bogus fees and free perks, Mint Mobile might be right for you with plans starting from 15 bucks a month. Shop plans today@mintmobile.com Switch upfront payment of $45 for 3 month 5 gigabyte plan required new customer offer for first 3 months only, then full price plan options available. Taxes and fees ext. See Mint Mobile for details.